Incorrect Total Assets Calculation in _harvestAndReport Leading to Share Value Manipulation and Irredeemable Assets

not adding `claimable` balance to the total assets in `_harvestAndReport` can cause losses.

Inflated `totalAssets` in `StrategyMainnet`, `StrategyArb`, and `StrategyOp` Contracts

Users can claim more that their actual allotment

In `transferVesting`, the `grantorVesting.releaseRate` is calculated incorrectly, which leads to the sender being able to unlock more tokens than were initially locked.

Underflow in `claimable` DOSing `claim` Function

Cancel doesn't remove orders mappings, allowing attacker to modify it to extract funds again

in oracleLess, attacker can create two orders in same block to steal funds

cross function reentrency to cause loss of funds to user by malicious `target`

users that gave approvals to `stopLimit` contract can be drained

Attacker can use malicious token with hook in `oracleLess` to cause loss of funds to users

attacker can dos the time sensetive `fillStopLimitOrder::stopLimit`

wrong logical operator in `PythOracle` Forcing Stale prices only

relisting previously liquidated NFT will cause loss of funds to new owner

reserving a previously liquidated Token will cause loss of funds to new owner

`Listings::reserve()` doesn't delete reserved listings causing integration issue

Voters lose their tokens due to misconfiguration in `cancel` function

Malicious Whale can cause Loss of Fees of LP Providers

User Initializing a Pool will have his funds stuck

Owner of Bridged ERC1155 Royalties can't claim them

Attacker can frontrun large fee deposits from `fillListing`

Malicious user can prevent `lockerManager` from executing `CollectionShutdown` function

Malicious user can bypass execution of `CollectionShutdown` function

EdgeCase in `CollectionShutdown` leading to funds being stuck.

Malicious Whale can manipulate `totalsupply` to liquidate or illiquidate a liqudiateable listing

Broken core contract functionality `UniswapImplementation::setFeeExemption` making `exemptionFee` is never useable

User extra funds during Pool initializtion would be stuck in `UniswapImplementation`

in `farmPlots()` an underflow in edge case leading to freeze of funds (NFT)

[H-01] Miscalculation in `_farmPlots` function could lead to a user unable to unstake all NFTs

Invalid validation in _farmPlots function allowing a malicious user repeated farming without locked funds